What is claimed is: 

T. A security modeling system comprising: 

a network configuration module having network configuration data; and 
a simulator coupled to the network configuration module for simulating and 
analy&ng networks based on the network configuration, wherein the simulator includes a 
network vulnerabilities database. 



2. The system of claim 1, wherein the network vulnerabilities database includes 
network vulnerability, attack and exploitation data. 



3. The system of claim 2, wherein the network configuration data and the network 
vulnerability, attack and exploitation data are stored in database tables and the data is 
processable by a computer. 

4. The system of claim 1, herein the network configuration module comprises 
network configuration data output bwa network configuration discovery tool. 

5. The system of claim 1 , wherein tWs simulator includes a graphical user interface. 

6. The system of claim 2, wherein the simulator includes a means for receiving the 
network vulnerability, attack and exploitation data 

7. The system of claim 1, wherein the simulator ii^ludes a defender and an attacker 
user interface. 

8. The system of claim 1, wherein the security modeling^ system is portable. 

9. A computer game comprising: 
a network configuration module having network configuration data; 
a simulator coupled to the network configuration moduleyfor simulating and 
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>analyzing networks based on the network configuration, wherein the simulator includes a 
network vulnerabilities database, and wherein the simulator includes a graphical user 
intermfce for playing the game. 

10. A secuirfysmodeling system comprising: 

a network configuration module having network configuration data; 

a simulator coupkd to the network configuration module for simulating and 
analyzing networks based on\he network configuration, wherein the simulator includes a 
network vulnerabilities database; and 

a mission objectives module coupled to the simulator, wherein the mission 
objectives module includes criticalVesource information. 

11. The system of claim 10, wherein the network vulnerabilities database includes 
network vulnerability, attack and exploitation data. 

12. The system of claim 11, wherein thb network configuration data and the network 
vulnerability, attack and exploitation data \s stored in database tables and the data is 
processable by a computer. \ 

13. The system of claim 10, wherein the simulator includes a graphical user interface. 

14. The system of claim 10, wherein the critical, resource information includes goals, 
expectations and constraints for simulating the network. 

15. The system of claim 10, wherein the simulator includes a means for receiving the 
network vulnerability, attack and exploitation data. \ 

16. The system of claim 10, wherein the security modeling system is portable. 

17. The system of claim 10, wherein the simulator includes atiefender and an attacker 
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usfer interface. 

18. \& method of analyzing a computer network using a security modeling system, 
wherein the security modeling system includes a database of network vulnerability 
information, the method comprising: 

providing artwork configuration of a computer network; 
simulating the^network based on the network configuration; and 
determining vulnerabilities of the simulated network using the vulnerability 
information stored in the^iatabase. 

19. The method of claim 18, wherein providing a network configuration includes 
receiving a configuration as tHe output of a network discovery tool. 

\ 

20. The method of claim 1^8 ,\ wherein providing a network configuration includes 
receiving a data file which incluo^s v a configuration of the computer network. 

V 

2 1 . The method of claim 1 8, whe\ein simulating the network includes: 
receiving mission objectives; ^ 
storing the objectives; and 

simulating the network based on thVnetwork configuration and mission objectives. 

V 

22. The method of claim 2 1 , wherein determining vulnerabilities includes modifying 
the simulation using a graphical user interface. \ 

23. The method of claim 22, wherein modifying the simulation includes dynamically 
interacting with an attacker. 

24. The method of claim 22, wherein modifying theVmulation includes dynamically 
interacting in real time with the security modeling system^ 
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25. ylie method of claim 23, wherein modifying the simulation includes dynamically 
interacting in real time with the security modeling system. 



26. The mettjod of claim 21, wherein determining vulnerabilities includes computing 
security results, wherein the security results include a security score. 



27. The method of clai^n 21, wherein determining vulnerabilities of the simulated 
network includes updating tlife vulnerabilities database when vulnerabilities are detected. 

28. A method of opposing network attackers comprising: 

receiving a network configuration, wherein the network configuration comprises 
computer hardware and software component information; 
receiving mission objectives: 
receiving commands from a network attacker; 

simulating the network based on the commands received from the network attacker, 
wherein simulating the network includes determining results as a function of the network 
configuration, mission objectives and stored vulnerability data for the described computer 
hardware and software components; and \ 

responding to the network attacker,\wherein responding to the attacker includes 
imposing barriers, providing response messages and protecting the network. 

29. The method of claim 28, wherein simulating the network further includes receiving 
commands from a defender and determining results based on the defender commands. 

30. The method of claim 28, wherein receiving configuration includes receiving critical 
resource information, wherein the critical resource information includes goals, expectation 
and constraints for simulating the network. \ 

31. The method of claim 28, and further includes modifying the simulation using a 
graphical user interface. \ 
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\32. The method of claim 3 1 , wherein determining vulnerabilities includes computing 
security results which include a security score. 



33. The method of claim 31, wherein receiving commands includes receiving attack 
actions whictHnclude commands that simulate service functionality, commands that change 
services or nodes^and commands that exploit vulnerabilities. 

34. A security modeling system for simulating objective networks comprising: 

a simulator having, a plurality of databases, wherein the plurality of databases 
include mission objectives tables, vulnerability tables, and network configuration tables, 
wherein the network configuration tables include network configuration data; and 

a graphical user interfac^which operates with the simulator to allow input and 
output to clients. 

35. The system of claim 34, whereirkthe mission objectives tables include mission 
tables, mission files tables and mission services tables. 

36. The system of claim 34, wherein the vulnerability tables include service tables. 

37. The system of claim 34, wherein the network configuration tables include 
configuration tables, defense tables, filter tables, node tables^routing tables and 
password tables. 
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